On Tue, Jun 19, 2007 at 02:23:18PM +0930, n0dalus wrote: > A better way of giving users this kind of access is to allow the > password to go from user -> root to be set to a different password > than their usual login password (which would be essentially the same > as having a second user). This could be implemented with a pam module, > so users trying to sudo are not asked for their own password but a > second password they set (and any dialogue would be clearly labelled > to make clear which password was being asked for). This could then be > integrated into consolehelper. My prefered way to do this is with user/root kerberos principals with strong complexity requirements for the password and the requirement to change it every few months. Hardly something to use in a desktop or a laptop though. Kostas -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
